package com.fengye.security.config;

import org.springframework.security.config.Customizer;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;

/**
 * @author fengyexjtu@126.com
 * @date 2022年04月11日 8:41 PM
 */

@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {

    /**
     * /api/test 只要认证就可以访问
     * /api/** 剩下的/api 下的接口必须拥有 ROLE_ADMIN 权限才能访问
     *
     * @author fengyexjtu@126.com
     * @date 2022/4/11 8:49 PM
     * @param http HttpSecurity
     */
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http
                .formLogin(Customizer.withDefaults())
                .authorizeRequests(req -> {
                    req.mvcMatchers("/api/test").authenticated();
                    req.mvcMatchers("/api/**").hasAnyRole("ADMIN");
                });
    }
}
